|
![]()
I have a site hosted on a typical shared server, $10/month. I created a directory that I can access via FTP to store some slightly sensitive data. The data is passworded in a ZIP file and the directory is also passworded, let alone needing a password to access FTP. How secure is this? Is it easy for a web bot to (benign or otherwise) to scan my site and find my secure data? I've since deleted it until I learn more about security. There are tons of sites selling "online storage" and offering security. Are these sites actually more secure than the setup I have going on?
How secure is a typical website/host?
Well, since you're using straight FTP, it's not all that secure. FTP transfers a clear transmission of your u and p to perform the login. This can be picked up on a port scan and is the most common point of entry for a site hack. Change your u and p, and change it often.
Consider using secure FTP. As for the data being secured in a zip, yes, that's probably cool, maybe they can get in and get the file but may not be able to do anything with it. They'll just hack up your site instead. :-)
Any shared hosting can be vulnerable even if you take the best steps because someone on some OTHER domain on the box can get hacked and may provide a way to gain access to root. If that happens, close your account and run away, the box is toast.
The best way to do all this is get either a dedicated server (lease) or a VPS, install an SSL cert, and don't make any non-secure connections. Did I say change the password often? Change the password often.
How secure is a typical website/host?
For the best hosting comparisons check out
www.tophostreviews.blogspot.com
|
